• Hot plug attacks


Take social engineering to the next level with hot plug attacks (HAK5), which are devices hidden in the packaging of a common USB flash drive, network cable, wi-fi receiver and other devices.

Hot plug works largely on human vulnerabilities. For example, for devices that hide in the packaging of a flash drive - RubberDucks - the device is identified on the computer as a keyboard or mouse, and the device can easily be infiltrated. That's because virtually every computer, whether a desktop PC, laptop, tablet or smartphone, takes input from a human operator via keyboard, mouse or touch. This is the reason ehy the ubiquitous HID - Human Interface Device - standard was created. Simply put, if you connect a device to a USB that claims to be an HID standard keyboard, the vast majority of operating systems will automatically detect and connect it. Windows, Mac, Linux or Android - it's simply a keyboard.

The simplicity is taken into account, for example in the scripting language used in these devices. Writing a payload is as simple as writing in a notepad.